package com.jprocms.module.cms.config;

import com.jpro.framework.security.config.AuthorizeRequestsCustomizer;
import com.jpro.framework.web.core.handler.GlobalExceptionHandler;
import com.jpro.module.infra.api.logger.ApiErrorLogApi;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;

/**
 * cms 模块的 Security 配置
 */
@Configuration(proxyBeanMethods = false, value = "cmsPortalSecurityConfiguration")
public class SecurityConfiguration {
    @Value("${spring.application.name}")
    private String applicationName;

    @Bean("cmsPortalAuthorizeRequestsCustomizer")
    public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
        return new AuthorizeRequestsCustomizer() {

            @Override
            public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
                // Swagger 接口文档
                registry.antMatchers("/v3/api-docs/**").permitAll() // 元数据
                        .antMatchers("/swagger-ui.html").permitAll(); // Swagger UI
                registry.antMatchers("/**").permitAll();
            }

        };
    }


    @Bean
    @SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
    public GlobalExceptionHandler globalExceptionHandler(ApiErrorLogApi apiErrorLogApi) {
        return new GlobalExceptionHandler(applicationName, apiErrorLogApi);
    }

}
